A security advance or just good PR?

Another sign this week that security standards are continuing their slow, painful growth towards maturity. But is it enough?
Global credit-scoring agencies Equifax, Experian and TransUnion are reported to be looking at developing a joint...

Another sign this week that security standards are continuing their slow, painful growth towards maturity. But is it enough?

Global credit-scoring agencies Equifax, Experian and TransUnion are reported to be looking at developing a joint system for exchanging customer data in encrypted form. They currently secure data using their own encryption schemes, but apparently dont necessarily move it around to the same levels of security.

The standard proposed would be 3DES or AES, the minimum youd hope for as a starting point.

Despite sounding dull, credit scoring is the foundation of the modern economy because it dictates who gets to borrow money, and on what terms, and who doesnt. This makes the information especially valuable, and failures potentially disastrous if it is not secured when being exchanged.

As Techworld has reported, the financial sector - especially the U.S. financial sector - has a lousy record of protecting customer data. Even this year, there have been massive unprecedented thefts.

The credit scoring industry has had similar problems in the past, though not so far on the same gargantuan scale. Of course, the bigger problem in all this is that there is still no legislation on compelling companies to reveal data theft disclosure (though the U.S. has some in the pipeline).

Until that happens across the developed world, consumers will still be vulnerable to the cover up, and new developments in encryption will continue to be seen as public relations exercises. As ever, legislation will move more slowly than technology.